--
-- Create a new user with the next unused usesysid
--
--
-- viewperms_nextid: returns max(usesysid) + 1 over pg_user, i.e. one
-- past the highest sysid visible to this session. It is a single
-- SELECT, so the value is a snapshot: a user created concurrently
-- between this call and the INSERT below could presumably receive the
-- same id (acceptable for a serial regression run, not for general use).
-- NOTE(review): with no rows in pg_user, max() is NULL and so is the
-- result; the bootstrap superuser is presumably always present.
--
CREATE FUNCTION viewperms_nextid () RETURNS int4 AS '
SELECT max(usesysid) + 1 AS ret FROM pg_user;
' LANGUAGE 'sql';
--
-- viewperms_testid: looks up the sysid of 'viewperms_testuser' in
-- pg_user and converts it int4 -> text -> oid (int4out/textin/oid) so
-- it can be stored in pg_class.relowner by the ownership UPDATEs below.
-- The user is created by the INSERT that follows, so this function only
-- returns a usable value once that INSERT has run; the script must be
-- executed as a whole, in order.
--
CREATE FUNCTION viewperms_testid () RETURNS oid AS '
SELECT oid(textin(int4out(usesysid))) FROM pg_user
WHERE usename = ''viewperms_testuser'';
' LANGUAGE 'sql';
--
-- Register the test user by writing the pg_shadow catalog directly
-- rather than through a CREATE USER statement; this needs superuser
-- level catalog write access, which is why the whole script runs as
-- the database superuser. The VALUES list has no column list, so it is
-- bound to this server version's pg_shadow column order: the four
-- booleans are role flags whose names are not stated here -- confirm
-- against the catalog definition before changing any of them. The two
-- trailing NULLs presumably are the password and expiry columns
-- (no password, no expiry), i.e. the account cannot log in with a
-- password -- confirm.
--
INSERT INTO pg_shadow VALUES (
'viewperms_testuser',
viewperms_nextid(),
false, true, false, true,
NULL, NULL
);
--
-- Create tables and views
--
-- Two structurally identical base tables, each loaded with the same
-- three rows, so that any difference in the SELECT results below comes
-- from permission checks and not from the data.
CREATE TABLE viewperms_t1 (
a int4,
b text
);
CREATE TABLE viewperms_t2 (
a int4,
b text
);
INSERT INTO viewperms_t1 VALUES (1, 'one');
INSERT INTO viewperms_t1 VALUES (2, 'two');
INSERT INTO viewperms_t1 VALUES (3, 'three');
INSERT INTO viewperms_t2 VALUES (1, 'one');
INSERT INTO viewperms_t2 VALUES (2, 'two');
INSERT INTO viewperms_t2 VALUES (3, 'three');
-- Views directly over the base tables: v1/v3 over t1, v2/v4 over t2.
-- Two views per table so that each table can be reached through a view
-- owned by each of the two users once ownership is changed below.
CREATE VIEW viewperms_v1 AS SELECT * FROM viewperms_t1;
CREATE VIEW viewperms_v2 AS SELECT * FROM viewperms_t2;
CREATE VIEW viewperms_v3 AS SELECT * FROM viewperms_t1;
CREATE VIEW viewperms_v4 AS SELECT * FROM viewperms_t2;
-- Views stacked on views (two levels of indirection): v5 -> v1 -> t1,
-- v6 -> v4 -> t2, v7 -> v2 -> t2. These check that the owner-based
-- privilege check is applied at every level of the chain.
CREATE VIEW viewperms_v5 AS SELECT * FROM viewperms_v1;
CREATE VIEW viewperms_v6 AS SELECT * FROM viewperms_v4;
CREATE VIEW viewperms_v7 AS SELECT * FROM viewperms_v2;
--
-- Change ownership
-- t1 tuser
-- t2 pgsql
-- v1 pgsql
-- v2 pgslq
-- v3 tuser
-- v4 tuser
-- v5 pgsql
-- v6 pgsql
-- v7 tuser
--
-- Reassign ownership by editing pg_class.relowner in place instead of
-- using an ALTER statement. Only t1, v3, v4 and v7 move to the test
-- user; t2, v1, v2, v5 and v6 keep the user that created them. Each
-- UPDATE matches on relname alone, so the viewperms_ prefix is what
-- keeps these writes from touching unrelated relations; if
-- viewperms_testid() returned no row (user missing) relowner would be
-- set to NULL, which is why the user is created first.
UPDATE pg_class SET relowner = viewperms_testid()
WHERE relname = 'viewperms_t1';
UPDATE pg_class SET relowner = viewperms_testid()
WHERE relname = 'viewperms_v3';
UPDATE pg_class SET relowner = viewperms_testid()
WHERE relname = 'viewperms_v4';
UPDATE pg_class SET relowner = viewperms_testid()
WHERE relname = 'viewperms_v7';
--
-- Now for the tests.
--
-- View v1 owner pgsql has access to t1 owned by tuser
-- All of these SELECTs are issued by the same (presumably superuser)
-- session; what is under test is that access to the base table is
-- checked against the VIEW OWNER, not the caller. A view owned by a
-- user without privilege on its base table must be rejected even for a
-- privileged caller, and the check must be repeated at each level of
-- view-on-view. The "MUST fail" cases (v4, v6, and v7 before the GRANT)
-- are expected errors in the reference output; rows coming back there
-- would be a regression.
-- View v1 owner pgsql has access to t1 owned by tuser
SELECT * FROM viewperms_v1;
-- View v2 owner pgsql has access to t2 owned by pgsql (of course)
SELECT * FROM viewperms_v2;
-- View v3 owner tuser has access to t1 owned by tuser
SELECT * FROM viewperms_v3;
-- View v4 owner tuser has NO access to t2 owned by pgsql
-- MUST fail with permission denied
SELECT * FROM viewperms_v4;
-- v5 (pgsql) can access v2 (pgsql) can access t1 (tuser)
SELECT * FROM viewperms_v5;
-- v6 (pgsql) can access v4 (tuser) CANNOT access t2 (pgsql)
-- MUST fail: the inner view's owner has no privilege on t2
SELECT * FROM viewperms_v6;
-- v7 (tuser) CANNOT access v2 (pgsql), which accesses t2 (pgsql)
-- MUST fail: no privilege on v2 has been granted yet
SELECT * FROM viewperms_v7;
-- Granting SELECT on v2 to PUBLIC is the only state change in this
-- section; it is what turns the v7 case from a failure into a success.
GRANT SELECT ON viewperms_v2 TO PUBLIC;
-- but now
-- v7 (tuser) can access v2 (pgsql via grant) can access t2 (pgsql)
SELECT * FROM viewperms_v7;
--
-- Tidy up - we remove the testuser below and we don't let
-- objects lie around with a dangling owner reference
--
-- Drop the dependent views first (v5/v6/v7 reference v1/v4/v2), then
-- the base tables, then the helper functions. Everything owned by the
-- test user must be gone before its pg_shadow row is deleted below,
-- otherwise pg_class would keep relowner values that no longer resolve
-- to any user.
DROP VIEW viewperms_v1;
DROP VIEW viewperms_v2;
DROP VIEW viewperms_v3;
DROP VIEW viewperms_v4;
DROP VIEW viewperms_v5;
DROP VIEW viewperms_v6;
DROP VIEW viewperms_v7;
DROP TABLE viewperms_t1;
DROP TABLE viewperms_t2;
DROP FUNCTION viewperms_nextid ();
DROP FUNCTION viewperms_testid ();
--
-- Remove the testuser
--
-- Remove the test user the same way it was created: by writing the
-- catalog directly rather than via a DROP USER statement. The WHERE
-- clause pins the delete to the one row inserted above; do not loosen
-- it -- an unfiltered DELETE here would remove every user account.
DELETE FROM pg_shadow WHERE usename = 'viewperms_testuser';